配置API管理以将客户端证书从传入请求转发到后端 [英] Configure API Management to forward client certificate from incoming request to backend

问题描述

我遇到了无法解决自己的问题，因此将不胜感激.

I'm having problem which I cannot figure out myself so any help would be appreciated.

我正在尝试实现以下方案，其中客户端向Azure API管理发送包含客户端证书的请求.然后我需要从后端访问此证书，但是自从我收到403以来，该证书似乎已被删除 来自后端的回应.

I'm trying to achieve the following scenario where client sends request which includes client certificate to Azure API Management. Then I need to access this certificate from backend but it seems like the certificate gets removed in the way since I get 403 response from backend.

如果我直接将请求发送到包含客户端证书的后端，则可以正常运行.另外，如果我使用< authentication-certificate thumbprint ="****"从API Management加载客户端证书， />它工作得很好，后端接收 证书.

If I send request straight to backend with client certificate included it works perfectly. Also if I load client certificate from API Management using <authentication-certificate thumbprint="****" /> it works nicely and backend receives certificate.

所以我的问题是，有什么方法可以配置API Management来从传入请求中获取证书并将其传递给后端，就像从API Management加载证书时传递的方法一样?

So my question is that is there any way to configure API Management to grab the certificate from incoming request and pass it to backend like the same way it is passed when its loaded from API Management?

后端是Azure Web App，并且已设置"clientCertEnabled":true.

Backend is Azure Web App and setting "clientCertEnabled": true is configured.

-miko

推荐答案

您可以根据自己的情况参考此文档"固定 使用客户端证书的后端服务 ".您还可以查看证书实体的先决条件，请参阅 此处 .

You may refer this document for your scenario "securing back-end services using client certificate". You may also look into the pre-requisites for the certificate entity, refer here.

.

If this answer was helpful, click "Mark as Answer" or "Up-Vote". To provide additional feedback on your forum experience, click here.

这篇关于配置API管理以将客户端证书从传入请求转发到后端的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！